Splunk Architect - Remote

About The Position

Requirements

• BA/BS or equivalent 15+ years of experience (4 years of experience can be substituted for a degree).
• In-depth understanding of Splunk Enterprise Security environments, including expertise in Splunk Search Processing Language (SPL), modular data inputs, and advanced configurations.
• Splunk Enterprise Certified Architect or Splunk Core Certified Consultant (must demonstrate ability to obtain within 30 days of start date if not current).
• Relevant cybersecurity credentials like CISSP, CEH, Security+ CE, or GIAC certifications (e.g., GCIH or GCFA).
• Active Secret, TS/SCI, or DOE equivalent clearance.
• US Citizenship required.

Nice To Haves

• Additional certifications, such as Splunk Core Certified Consultant, Splunk Core Certified Power User, or similar.
• Strong analytical mindset with the ability to critically evaluate data and propose innovative cybersecurity strategies.
• Exceptional communication skills to articulate technical findings and architectural decisions to both technical teams and non-technical stakeholders.
• Ability to thrive in high-pressure environments, delivering critical insights and solutions to address urgent cybersecurity threats.

Responsibilities

• Architect, deploy, and optimize comprehensive Splunk Enterprise and Splunk Enterprise Security (ES) environments to ensure high performance and scalability under diverse use cases.
• Lead the strategic development of Splunk solutions with a focus on modular designs, efficient configurations, and forward compatibility to meet future technological demands.
• Evaluate Splunk data inputs and integrations, devising workflows that maximize interoperability across hybrid networks.
• Develop tailored Splunk dashboards, advanced analytics tools, and system configurations to detect and correlate security events across complex enterprise environments.
• Analyze security logs and data streams to identify anomalous behaviors and high-risk patterns, enabling proactive mitigation of cybersecurity risks.
• Collaborate with internal teams to conduct forensic investigations, refine monitoring capabilities, and enhance threat intelligence workflows.
• Spearhead initiatives to automate Splunk workflows using scripting tools such as Python and PowerShell, streamlining data parsing, alerting, and reporting.
• Provide technical mentorship to SOC analysts, forensic specialists, and IT administrators, fostering cross-functional alignment on security protocols and system best practices.
• Design Splunk architectures that adhere to organizational and regulatory compliance requirements, enabling solutions for audit readiness and policy enforcement.
• Maintain detailed documentation for architectural configurations, operational playbooks, and troubleshooting guides with a focus on maintaining cybersecurity standards.

Benefits

• AI-powered career tool that identifies career steps and learning opportunities
• An internal mobility team focused on helping you achieve your career goals
• Comprehensive benefits and wellness packages
• 401K with company match
• Competitive pay
• Paid time off
• Full-flex work week to own your priorities at work and at home
• Award-winning culture of innovation
• Military-friendly workplace
• Variety of medical plan options, some with Health Savings Accounts
• Dental plan options
• Vision plan
• 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match
• Full flex work weeks where possible
• Variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
• GDIT Paid Family Leave program (up to 160 hours of paid leave in a rolling 12 month period)
• Short and long-term disability benefits
• Life insurance
• Accidental death and dismemberment insurance
• Personal accident insurance
• Critical illness insurance
• Business travel and accident insurance